oak9
GTM Catalyst - Investor Spotlight
Reducing cognitive load and lost cycles for your developers by evaluating architectures and Security as Code (SaC), and creating fully formed Infrastructure-as-Code (IaC) modules via Pull Requests (PRs)
COMPETITIVE DIFFERENTIATION
Competitors simply perform static scans and provide contextual cues
Enterprise customers often have security requirements that are complex - with conditionals, exceptions, and contextual nuances. Expecting developers to receive a report of violations is not acceptable, even with contextual cues. Too much time is wasted researching with no assurance the results will change. Having a pull request presented to the developer with all changes as per the desired architecture changes the relationship between security and engineering.
PROTECTING DEVELOPER TIME
Ensuring we protect against lost engineering cycles does more than just save time
There is an asymmetry between the number of developers a company has, and how many security practitioners they have. This has historically led to report-focused security programs that don't support engineering-centric cultures. Investing in tooling that can reduce friction and time lost is critical to building sustainable security programs.
TYTHON: SECURITY-AS-CODE
An Open Source framework to establish Security-as-Code in your language of choice
There is a massive benefit to having a Security-as-Code framework that supports polyglot languages. Combining the efficiency of your own language, with the use of oak9's security graph, allows for true depth in creating guardrails and blueprints that work for your deployments.